Lucene search

K
githubGitHub Advisory DatabaseGHSA-RHCG-RWHX-QJ3J
HistoryMay 14, 2022 - 12:56 a.m.

Improper Limitation of a Pathname to a Restricted Directory in Spring Framework

2022-05-1400:56:29
CWE-22
GitHub Advisory Database
github.com
11

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

69.0%

Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL.

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

69.0%

Related for GHSA-RHCG-RWHX-QJ3J